Container-Native Monitoring

Check it Out

Sysdig Installation Guide

If you have any issues with installation, please contact the sysdig mailing list.

Requirements

The following distributions are supported:

  • RHEL based
      • RHEL, from 6
      • CentOS, from 6
      • Amazon Linux, any version available from the AWS Marketplace
      • Fedora, from 13
      • Oracle Linux, from 6
  • Debian based
      • Debian, from 6.0
      • Ubuntu, from 10.04
      • Linux Mint, from 9
  • Container based
      • Docker
      • CoreOS
      • LXC

Note: sysdig is now included in the latest versions of Debian and Ubuntu; however, sysdig is updated with new functionality all the time, so we recommend following the install instructions below to be sure you have the latest and greatest.

Basic Install

To install sysdig automatically in one step, simply run the following command as root or with sudo.

curl -s https://s3.amazonaws.com/download.draios.com/stable/install-sysdig | sudo bash

Advanced Install

Manual installation is also easy - just follow the relevant instructions below. This method can be useful for scripted deployments and deployments to containerized environments.

Note: for the latest packages, go here, and to compile from the source code, go here.

RHEL based

1) Trust the Draios GPG key and configure the yum repository

rpm --import https://s3.amazonaws.com/download.draios.com/DRAIOS-GPG-KEY.public
curl -s -o /etc/yum.repos.d/draios.repo http://download.draios.com/stable/rpm/draios.repo

2) Install the EPEL repository

Note: The following command is required only if DKMS is not available in the distribution. You can check whether DKMS is available with: yum list dkms

rpm -i http://mirror.us.leaseweb.net/epel/6/i386/epel-release-6-8.noarch.rpm

3) Install kernel headers

Warning: The following command might not work with every kernel. Make sure to adjust the package name to match your kernel.

yum -y install kernel-devel-$(uname -r)

4) Install sysdig

yum -y install sysdig

Debian based

1) Trust the Draios GPG key, configure the apt repository, and update the package list

curl -s https://s3.amazonaws.com/download.draios.com/DRAIOS-GPG-KEY.public | apt-key add -
curl -s -o /etc/apt/sources.list.d/draios.list http://download.draios.com/stable/deb/draios.list
apt-get update

2) Install kernel headers

Warning: The following command might not work with every kernel. Make sure to adjust the package name to match your kernel.

apt-get -y install linux-headers-$(uname -r)

3) Install sysdig

apt-get -y install sysdig
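
Both the one-step install under Basic Install and the manual repository setup above use whatever the download returns, and the repo files are fetched over plain http. The following is an added example, not part of the sysdig project: it downloads to a file, checks it against a SHA-256 digest pinned after review, and only then hands it to a command. The function names and the PINNED_SHA256 placeholder are assumptions; the page publishes no digest.

```shell
#!/bin/sh
# Added example: verify a downloaded file against a pinned digest before use.
# PINNED_SHA256 is a placeholder; record the digest of the copy you reviewed.
PINNED_SHA256="REPLACE_WITH_DIGEST_OF_REVIEWED_COPY"

# Print the SHA-256 of a file (sha256sum on Linux, shasum on OS X).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Return 0 on a match, 1 on a digest mismatch, 2 if the file is missing or empty.
verify_pinned() {
    file=$1 expected=$2
    [ -s "$file" ] || { echo "missing or empty: $file" >&2; return 2; }
    actual=$(sha256_of "$file") || return 2
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch for $file: got $actual" >&2
        return 1
    fi
}

# Download to a temp file, verify it, and only then pass it to COMMAND.
# Usage: fetch_verify_run URL EXPECTED_SHA256 COMMAND [ARGS...]
fetch_verify_run() {
    url=$1 pinned=$2; shift 2
    tmp=$(mktemp) || return 2
    # --fail makes curl return an error on HTTP 4xx/5xx instead of saving the error page
    if curl --fail --silent --show-error --location -o "$tmp" "$url" \
        && verify_pinned "$tmp" "$pinned"; then
        rc=0; "$@" "$tmp" || rc=$?
    else
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

# Example call (commented out so that sourcing this file has no side effects):
# fetch_verify_run https://s3.amazonaws.com/download.draios.com/stable/install-sysdig \
#     "$PINNED_SHA256" sudo bash
```

A mismatch after an upstream update means the new copy needs review before the pin is changed.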

If you have full control of your host operating system, then installing sysdig using the normal installation method is the recommended best practice. This method allows full visibility into all containers on the host OS. No changes to the standard automatic/manual installation procedures are required.

However, sysdig can also run inside a Docker container. To guarantee a smooth deployment, the kernel headers must be installed in the host operating system before running sysdig.

This can usually be done on Debian-like distributions with:

apt-get -y install linux-headers-$(uname -r)

Or, on RHEL-like distributions:

yum -y install kernel-devel-$(uname -r)

sysdig can then be run with:

docker pull sysdig/sysdig
docker run -i -t --name sysdig --privileged -v /var/run/docker.sock:/host/var/run/docker.sock -v /dev:/host/dev -v /proc:/host/proc:ro -v /boot:/host/boot:ro -v /lib/modules:/host/lib/modules:ro -v /usr:/host/usr:ro sysdig/sysdig
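
To see what the docker run line above grants the container, the following added example (not part of the sysdig project) splits the command into its flags and reports --privileged and each bind mount as read-write or read-only. The function names are assumptions, and the parser only handles the -v SRC:DST[:options] form used on this page.

```shell
#!/bin/sh
# Added example: summarise what a `docker run` line grants the container.

# The command from this page, copied verbatim.
SYSDIG_RUN='docker run -i -t --name sysdig --privileged -v /var/run/docker.sock:/host/var/run/docker.sock -v /dev:/host/dev -v /proc:/host/proc:ro -v /boot:/host/boot:ro -v /lib/modules:/host/lib/modules:ro -v /usr:/host/usr:ro sysdig/sysdig'

# Print one line per finding: "PRIVILEGED", "RW <host path>" or "RO <host path>".
audit_docker_run() {
    # Word-split the command string on purpose (globbing disabled);
    # the paths on this page contain no spaces.
    set -f; set -- $1; set +f
    while [ $# -gt 0 ]; do
        case $1 in
            --privileged) echo "PRIVILEGED" ;;
            -v|--volume)
                shift
                [ $# -gt 0 ] || return 0      # flag given without a value
                src=${1%%:*}                  # host side of SRC:DST[:options]
                opts=${1#*:*:}                # options field, if there is one
                case ",$opts," in
                    *,ro,*) echo "RO $src" ;;
                    *)      echo "RW $src" ;; # Docker mounts read-write by default
                esac ;;
        esac
        shift
    done
}

# Count findings of one kind, e.g. count_findings RW "$SYSDIG_RUN".
count_findings() {
    audit_docker_run "$2" | grep -c "^$1" || true
}
```

For the command on this page the findings are PRIVILEGED, read-write /var/run/docker.sock and /dev, and four read-only mounts, so the container should be treated as having root-equivalent access to the host.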

The recommended way to run sysdig on CoreOS is inside of its own Docker container. This method allows full visibility into all containers on the host OS.

docker pull sysdig/sysdig
docker run -i -t --name sysdig --privileged -v /var/run/docker.sock:/host/var/run/docker.sock -v /dev:/host/dev -v /proc:/host/proc:ro -v /boot:/host/boot:ro -v /lib/modules:/host/lib/modules:ro -v /usr:/host/usr:ro sysdig/sysdig

This method is automatically updated, includes some nice features such as automatic setup and bash completion, and is a generic approach that can be used on other distributions outside CoreOS as well.

However, some users may prefer to run sysdig in the CoreOS toolbox. While not the recommended method, this can be achieved by installing sysdig inside the toolbox using the normal installation method, and then manually running the sysdig-probe-loader script:

$ toolbox --bind=/dev --bind=/var/run/docker.sock
# curl -s https://s3.amazonaws.com/download.draios.com/stable/install-sysdig | bash
# sysdig-probe-loader

Note: currently only the Linux version of sysdig is capable of capturing events and doing live analysis. On the other platforms, you will be limited to working with the trace files generated by a Linux installation of sysdig.

Requirements

The following versions of Windows are supported:

  • Windows Vista
  • Windows 7
  • Windows 8 and 8.1
  • Windows Server 2003, 2008 and 2012

Installation

  1. Download and install the Visual Studio 2013 x86 Redistributable (vcredist_x86.exe) from here
  2. Download the sysdig zip file from here
  3. Unzip the file
  4. Open a command prompt and navigate to the unzipped folder
  5. You can now run sysdig, e.g. sysdig -cl

Note: currently only the Linux version of sysdig is capable of capturing events and doing live analysis. On the other platforms, you will be limited to working with the trace files generated by a Linux installation of sysdig.

Homebrew

brew update
brew install sysdig

MacPorts

sudo port install sysdig
